1. Field of the Invention
The present invention relates to the field information networking and more specifically to providing configuration from a subscriber to a provider in a network.
2. Description of the Related Art
Communication of configuration information between two devices in a network is known in the art. It is important, especially where the configuration information is communicated over an insecure communication network (such as the internet, publicly switched telephone network (PSTN), a cable network or the like) to allow for verification of the integrity of the configuration information. One way to allow for verification of the configuration information is to provide an integrity check field. The integrity check field is transmitted between the device originating the configuration information (the first device) and the device receiving the configuration information (the second device). The integrity check field may be calculated based on the configuration information and a secret code. Any number of methods are known to calculate an integrity check field. One method is to perform a hash function over the contents of a data file. A hash code is produced. For purposes of this application, the term "data file" refers to a set of information and is generally some binary encoded representation of the information. The data file may comprise information ranging from, for example, textual information to video. If the contents of the data file are altered, the hash function is designed to provide a high degree of assurance that a different hash value would result of the hash function were performed again on the modified data file. It is possible to perform the hash function on the contents of a data file (which is to be shared) and a secret key. The data file and the hash value are transferred from a first device to a second device. If the second device also knows the secret key, it can perform the same hash function and compare the resulting hash value with the hash value received from the first device. If the hash values match, the second device can know with a high degree of reliability that the data file was not changed in route.
One method of performing message authentication using a cryptographic hash function is described in Network Working Group Request for Comments (RFC) 2104, February, 1997 titled "HMAC: Keyed-Hashing for Message Authentication". One cryptographic hash function discussed in RFC 2104 is the so-called MD5 which is described in greater detail in Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, April 1992.
One issue that exists with message authentication using a cryptographic hash function is that it requires the first device and the second device to share the secret information. However, if the secret information is transmitted over the insecure communication network, it may be observed by a third party (an interloper). The interloper may then intercept the configuration file in route between the first device and the second device and modify the configuration file. As the secret is known to the interloper, the interloper may also recalculate the integrity check field so that the change to the configuration file will not be detectable by the second device.
Of course, it is possible to communicate the secret code over a secure communication channel (for example, it may be encrypted in transmission or delivered using an alternate communication channel such as manual delivery using a trusted courier between the first device and the second device).
Of course, it may be difficult to communicate the secret over a secure communication channel for any number of reasons. For example, the number of second devices may become large. As a result, not only is communication of the secret difficult simply as a result of the number of second devices, but the secrecy of the secrecy code may be called into question because it is shared with a large number of second devices. In addition, access to the second devices over a secure communications channel in certain networks may be problematic.
It would be useful to allow verification of a configuration file (or other data file) by a second device in an unsecure network without need to provide II for secure communication of a secret code between the second device and the first device.